<?php
Class ModelUser
{
	public function getUserInfo($username, $password)
	{
		$sql = "SELECT admin_id, admin_firstname, admin_lastname, admin_email 
				FROM tbl_admin
				WHERE admin_username = '" . $username . "'
				AND admin_passwd = '" . md5($password) . "' 
				AND status = 1";
		$user_arr = DB::fetchRow($sql);
		return $user_arr;
		
	}
        public function getUserlist()
        {
            $sql = "SELECT  * from tbl_user order by registerdate desc";
		$user_arr = DB::fetchAll($sql);
		return $user_arr;
        }

         public function saveUser($request)
        {
           if($this->isEmailexist($request["user_email"])){
              exit( "<span class='error'>User email already exist in the database</span>");
           }
           $sql = "insert into tbl_user (user_email,user_passwd,user_firstname,user_lastname,user_address,user_city,user_phone,userfax,
                secret_question,secret_answer,status,Designation,companyname,companyaddress,typeofbusiness,
                industry,prefferedpayment,profession,nicno,usertype,iscreditor,registerdate)
                values ('".$request["user_email"] ."','".$request["user_passwd"]."','".$request["user_firstname"]."','".$request["user_lastname"]."',
                '".$request["user_address"]."','".$request["user_city"]."','".$request["user_phone"]."','".$request["user_fax"]."','".$request["secret_question"]."'
                ,'".$request["secret_answer"]."','".$request["status"]."','".$request["Designation"]."',
                '".$request["companyname"]."','".$request["companyaddress"]."','".$request["typeofbusiness"]."',
                '".$request["industry"]."','".$request["prefferedpayment"]."','".$request["profession"]."','".$request["nicno"]."','".$request["user_type"]."','".$request["iscreditor"]."',now()) ";
         //  echo $sql;
		$insert = DB::exec($sql);
		if($insert)
		{
			echo "<span class='success'>User details has been successfully updated</span>";
		}
        }

       

         function updateUser($request){
           // print_r($request);
           $sql="";
           if(strlen($request["user_passwd"])>0){
               $sql= " update tbl_user  set user_passwd='".md5($request["user_passwd"])."',user_firstname='".$request["user_firstname"]."',user_lastname='".$request["user_lastname"]."',user_address='".$request["user_address"]."',user_city='".$request["user_city"]."',user_phone='".$request["user_phone"]."',
                secret_question='".$request["secret_question"]."',secret_answer='".$request["secret_answer"]."',status=".$request["Status"].",Designation='".$request["Designation"]."',companyname='".$request["companyname"]."',companyaddress='".$request["companyaddress"]."',typeofbusiness='".$request["typeofbusiness"]."',
               userfax='".$request["user_fax"]."', industry='".$request["industry"]."',usertype=".$request["user_type"]." ,profession='".$request["profession"]."',user_address='".$request["user_address"]."' ,nicno='".$request["nicno"]."',prefferedpayment='".$request["prefferedpayment"]."',iscreditor=".$request["iscreditor"]." WHERE user_id=".$request["user_id"]."";
           }
           else{
               $sql= " update tbl_user  set  user_firstname='".$request["user_firstname"]."',user_lastname='".$request["user_lastname"]."',user_address='".$request["user_address"]."',user_city='".$request["user_city"]."',user_phone='".$request["user_phone"]."',
                secret_question='".$request["secret_question"]."',secret_answer='".$request["secret_answer"]."',status=".$request["Status"].",Designation='".$request["Designation"]."',companyname='".$request["companyname"]."',companyaddress='".$request["companyaddress"]."',typeofbusiness='".$request["typeofbusiness"]."',
               userfax='".$request["user_fax"]."', industry='".$request["industry"]."',usertype=".$request["user_type"]." ,profession='".$request["profession"]."',user_address='".$request["user_address"]."' ,nicno='".$request["nicno"]."',prefferedpayment='".$request["prefferedpayment"]."' ,iscreditor=".$request["iscreditor"]." WHERE user_id=".$request["user_id"]."";
           }
           
    //echo $sql;
          $update = DB::exec($sql);
		if($update)
		{
                    if($request["iscreditor"]==1){
                                 DB::exec(" call sp_initializecreditor(".$request["user_id"].") ");
                    }
			echo "<span class='success'>User details has been successfully updated</span>";
		}
       }

        function getUserbyID($userid){

           //echo ($userid);
            $sql=" select * from tbl_user where user_id=".$userid."";
           // echo $sql;
            $user_arr = DB::fetchAll($sql);
          //  print_r($user_arr);
            return $user_arr;
            
        }
        function isEmailexist($email){

           //echo ($userid);
            $sql=" select * from tbl_user where user_email='".$email."'";
           // echo $sql;
            $user_arr = DB::fetchAll($sql);
          //  print_r($user_arr);
            return $user_arr;

        }
}
?>